STATEN ISLAND, N.Y. — The FBI issued a warning Thursday about a dangerous phishing platform that can steal access to secure Microsoft 365 accounts.
The toolkit, called Kali365, exploits device code authorizations to bypass security measures, according to a public service announcement from the agency.
“Kali365 has primarily been distributed via Telegram, enabling cyber threat actors to obtain Microsoft 365 access tokens and bypass multi-factor authentication protocols without intercepting the user’s credentials,” said the agency…